GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,938

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,156 advisories

Filter by severity

Sort by

Least recently updated

In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early... Critical Unreviewed

CVE-2021-45079 was published Feb 8, 2022

Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and... High Unreviewed

CVE-2021-20861 was published Dec 2, 2021

IBM QRadar SIEM 7.3 and 7.4 could allow an attacker to obtain sensitive information due to the... Moderate Unreviewed

CVE-2021-29779 was published Dec 2, 2021

Acer Care Center 4.00.30xx before 4.00.3042 contains a local privilege escalation vulnerability.... High Unreviewed

CVE-2022-24285 was published Mar 11, 2022

Acer QuickAccess 2.01.300x before 2.01.3030 and 3.00.30xx before 3.00.3038 contains a local... High Unreviewed

CVE-2022-24286 was published Mar 11, 2022

YzmCMS v6.3 is affected by broken access control. Without login, unauthorized access to the user... Critical Unreviewed

CVE-2022-23383 was published Mar 11, 2022

TP-Link Omada SDN Software Controller before 5.0.15 does not check if the authentication method... High Unreviewed

CVE-2021-44032 was published Mar 11, 2022

otris Update Manager 1.2.1.0 allows local users to achieve SYSTEM access via unauthenticated... High Unreviewed

CVE-2021-40376 was published Mar 11, 2022

CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate... High Unreviewed

CVE-2022-22729 was published Mar 12, 2022

An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It mishandles software updates... High Unreviewed

CVE-2021-41848 was published Mar 13, 2022

** DISPUTED ** An issue was discovered in OpenSSH before 8.9. If a client is using public-key... Low Unreviewed

CVE-2021-36368 was published Mar 14, 2022

In maccms v10, an attacker can log in through /index.php/user/login in the "col" and "openid"... Critical Unreviewed

CVE-2021-45786 was published Mar 17, 2022

Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4,10.x and 11.x component used... High Unreviewed

CVE-2022-26504 was published Mar 18, 2022

Red Hat Network (RHN) Satellite Server 5.4 does not use a time delay after a failed login attempt... Moderate Unreviewed

CVE-2011-0718 was published May 17, 2022

The server components in Objectivity/DB 10.0 do not require authentication for administrative... High Unreviewed

CVE-2011-0489 was published May 17, 2022

Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition ... High Unreviewed

CVE-2011-0688 was published May 17, 2022

VMware vFabric tc Server (aka SpringSource tc Server) 2.0.x before 2.0.6.RELEASE and 2.1.x before... Moderate Unreviewed

CVE-2011-0527 was published May 17, 2022

The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x... High Unreviewed

CVE-2011-0383 was published May 17, 2022

Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to bypass authentication... High Unreviewed

CVE-2011-0380 was published May 17, 2022

HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91.00 does not properly... Low Unreviewed

CVE-2011-0279 was published May 17, 2022

The Java Servlet framework on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1... High Unreviewed

CVE-2011-0384 was published May 17, 2022

Domain Technologie Control (DTC) before 0.32.9 does not require authentication for (1) admin... Moderate Unreviewed

CVE-2011-0435 was published May 17, 2022

nslcd/pam.c in the nss-pam-ldapd 0.8.0 PAM module returns a success code when a user is not found... Moderate Unreviewed

CVE-2011-0438 was published May 17, 2022

Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for... High Unreviewed

CVE-2011-0392 was published May 17, 2022

The Mobile User Security (MUS) service on Cisco Adaptive Security Appliances (ASA) 5500 series... Moderate Unreviewed

CVE-2010-4690 was published May 17, 2022

Previous 1 2 3 4 5 … 126 127 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,156 advisories